$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/cLxi72b9paIev33kDV4nVFE7Tns.roa File: cLxi72b9paIev33kDV4nVFE7Tns.roa (raw, json) Hash identifier: PCgQXxiNsu9GWTBu/onMzvasQqfooKhs0qT6ZhkeBrY= Subject key identifier: 70:BC:62:EF:66:FD:A5:A2:1E:BF:7D:E4:0D:5E:27:54:51:3B:4E:7B Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1902 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/cLxi72b9paIev33kDV4nVFE7Tns.roa Signing time: Fri 22 Aug 2025 09:02:41 +0000 ROA not before: Fri 22 Aug 2025 09:02:41 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 3462 IP address blocks: 61.224.0.0/14 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 00:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6402 (0x1902) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:41 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=70BC62EF66FDA5A21EBF7DE40D5E2754513B4E7B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d0:12:05:e8:e5:ca:99:7c:80:e0:61:d3:4d: b9:29:95:bb:8b:09:6f:41:0d:c5:25:44:d2:ce:59: b8:a1:b4:21:57:09:26:0b:d2:d8:ac:98:2c:73:26: c9:f7:b0:27:33:3f:35:bd:d1:ba:fa:f5:7b:4a:36: 31:db:ed:95:0a:b9:2e:10:be:7d:a1:73:57:3b:f2: db:b3:d6:67:ad:fb:19:4a:5b:72:63:63:40:50:6d: 38:86:4e:0d:6b:00:bf:4d:67:99:90:4b:68:ca:7f: e4:cc:35:1c:8f:44:ab:11:3b:d2:78:ad:01:5f:fc: f7:0a:35:09:fb:ec:8a:bc:d5:10:55:08:e7:f1:b7: 2e:28:7a:4a:ed:17:89:b0:82:a8:56:ab:dc:02:c2: ea:40:a7:ab:e2:8e:ee:f4:8d:ed:8c:f4:95:1b:a2: e0:71:d8:05:3f:dd:be:e8:c9:9a:62:a5:6d:ec:4d: af:46:3e:c8:35:2c:c4:88:37:4c:57:8c:b8:d6:f9: 51:09:8a:f0:4a:a3:41:47:10:31:54:2a:1a:27:0a: ea:c4:2b:b6:f3:5c:8c:30:65:f9:83:6f:a5:14:e0: 6f:eb:66:10:39:c4:54:e7:6c:fe:1d:29:03:ff:0b: 07:c9:6f:fe:ca:85:c2:0d:ec:f9:df:6b:73:37:f4: 72:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:BC:62:EF:66:FD:A5:A2:1E:BF:7D:E4:0D:5E:27:54:51:3B:4E:7B X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/cLxi72b9paIev33kDV4nVFE7Tns.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.224.0.0/14 Signature Algorithm: sha256WithRSAEncryption 71:7e:67:41:81:b3:b0:c0:ea:2f:85:34:5f:0b:6f:74:52:cc: 2a:14:c3:a5:87:24:1e:fa:fb:b2:63:06:0e:c0:ed:38:7e:52: be:3b:76:40:bf:cb:7b:8a:5e:3a:ff:ce:85:b5:48:f2:d1:2d: 5c:2c:f4:51:ba:f1:65:90:88:2c:b4:d5:37:5c:75:29:93:f2: 11:95:d0:e8:d9:ec:3b:53:61:c3:ec:46:9b:9e:bc:40:f1:f9: 44:32:95:07:d5:a5:a2:df:a4:9e:5e:cb:4f:38:3f:3d:fb:d0: 7f:db:bb:3f:6d:e6:87:73:47:6d:b9:68:31:af:b1:d9:c3:57: 41:a0:0b:cb:6f:0d:a6:e3:10:db:da:a3:05:41:bc:be:36:29: aa:29:45:58:f8:79:8a:ea:af:ab:95:14:3e:a4:d0:b5:28:a6: 07:a2:ae:4b:7c:e2:f8:13:29:49:99:79:1e:d4:04:3a:97:bc: 8a:32:62:07:fa:87:f8:9f:b4:11:95:bb:15:af:72:ec:ff:20: 69:1f:f9:2e:fb:0b:3c:85:cb:33:31:ef:40:19:c5:0f:5a:26: f7:8d:0e:ab:5d:3c:5a:2b:f0:b6:76:c4:25:b4:ad:47:e3:6d: ab:54:ea:aa:a6:2f:ee:0c:9b:b0:16:f5:19:f4:99:3d:fc:e3: 4b:c9:b4:03 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICGQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyNDFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDcwQkM2MkVGNjZGREE1 QTIxRUJGN0RFNDBENUUyNzU0NTEzQjRFN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDO0BIF6OXKmXyA4GHTTbkplbuLCW9BDcUlRNLOWbihtCFXCSYL 0tismCxzJsn3sCczPzW90br69XtKNjHb7ZUKuS4Qvn2hc1c78tuz1met+xlKW3Jj Y0BQbTiGTg1rAL9NZ5mQS2jKf+TMNRyPRKsRO9J4rQFf/PcKNQn77Iq81RBVCOfx ty4oekrtF4mwgqhWq9wCwupAp6viju70je2M9JUbouBx2AU/3b7oyZpipW3sTa9G Psg1LMSIN0xXjLjW+VEJivBKo0FHEDFUKhonCurEK7bzXIwwZfmDb6UU4G/rZhA5 xFTnbP4dKQP/CwfJb/7KhcIN7Pnfa3M39HJjAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUcLxi72b9paIev33kDV4nVFE7TnswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9jTHhpNzJiOXBhSWV2MzNrRFY0 blZGRTdUbnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCPeAw DQYJKoZIhvcNAQELBQADggEBAHF+Z0GBs7DA6i+FNF8Lb3RSzCoUw6WHJB76+7Jj Bg7A7Th+Ur47dkC/y3uKXjr/zoW1SPLRLVws9FG68WWQiCy01TdcdSmT8hGV0OjZ 7DtTYcPsRpuevEDx+UQylQfVpaLfpJ5ey084Pz370H/buz9t5odzR225aDGvsdnD V0GgC8tvDabjENvaowVBvL42KaopRVj4eYrqr6uVFD6k0LUopgeirkt84vgTKUmZ eR7UBDqXvIoyYgf6h/iftBGVuxWvcuz/IGkf+S77CzyFyzMx70AZxQ9aJveNDqtd PFor8LZ2xCW0rUfjbatU6qqmL+4Mm7AW9Rn0mT3840vJtAM= -----END CERTIFICATE-----Generated at Fri Sep 5 21:12:30 2025 by rpki-client